===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.1264
    Security Bulletin: Multiple security vulnerabilities in IBM Content
   Analytics with Enterprise Search and IBM OmniFind Enterprise Edition
               (CVE-2014-0114, CVE-2014-0050, CVE-2013-5879)
                               30 July 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Content Analytics with Enterprise Search
                   IBM OmniFind Enterprise Edition
Publisher:         IBM
Operating System:  AIX
                   Linux variants
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-0411 CVE-2014-0114 CVE-2014-0050
                   CVE-2013-5879  

Reference:         ASB-2014.0077
                   ASB-2014.0005
                   ESB-2014.1262
                   ESB-2014.1258
                   ESB-2014.0102
                   ESB-2014.0065
                   ESB-2014.0058

Original Bulletin: 
   http://www-01.ibm.com/support/docview.wss?uid=swg21678830

--------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: Multiple security vulnerabilities in IBM Content Analytics
with Enterprise Search and IBM OmniFind Enterprise Edition (CVE-2014-0114,
CVE-2014-0050, CVE-2013-5879)

Security Bulletin

Document information

More support for:
Watson Content Analytics

Software version:
2.2, 3.0

Operating system(s):
AIX, Linux, Linux on System z, Windows

Reference #:
1678830

Modified date:
2014-07-18

Summary

Multiple security vulnerabilities have been identified in IBM Content
Analytics with Enterprise Search and IBM OmniFind Enterprise Edition.

Vulnerability Details

    CVE ID: CVE-2014-0114

    DESCRIPTION:
    The version of Apache Struts used by the administration console could
    allow a remote attacker to execute arbitrary code, caused by the failure
    to restrict the setting of Class Loader attributes. An attacker could
    exploit this vulnerability using the class parameter of an ActionForm
    object to manipulate the ClassLoader and execute arbitrary code on
    the system. This vulnerability does not affect user applications.

    CVSS:
    CVSS Base Score: 7.5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/92889 for
    the current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

    CVE ID: CVE-2014-0050

    DESCRIPTION:
    Apache Commons FileUpload is vulnerable to a denial of service, caused
    by the improper handling of Content-Type HTTP header for multipart
    requests. By sending a specially-crafted request, an attacker could
    exploit this vulnerability to cause the application to enter into an
    infinite loop.

    CVSS:
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/90987 for
    the current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
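As an added illustration (not part of IBM's or AusCERT's bulletin), the Python pre-filter below shows the two checks a reverse proxy or servlet filter in front of the administration console could apply while the Interim Fix is rolled out: refusing multipart requests whose boundary parameter is missing or outside the 1-70 character form RFC 2046 allows (the overlong-boundary case behind the CVE-2014-0050 loop), and refusing request parameter names that address a "class" property segment, the path through which CVE-2014-0114 reaches the ClassLoader. All function names are hypothetical and the sample inputs are constructed.

```python
import re
from typing import List, Optional

# Hypothetical pre-filter (not IBM's or Apache's own code) that a reverse proxy
# or servlet filter in front of the administration console could apply.
# Check 1 (CVE-2014-0050): Commons FileUpload looped forever on a multipart
#   request with an overlong boundary. RFC 2046 limits a boundary to 1..70
#   characters from a fixed alphabet, so anything else is refused up front.
# Check 2 (CVE-2014-0114): Struts populated ActionForm properties from request
#   parameter names, including the "class" property that reaches the
#   ClassLoader. Any name addressing a "class" path segment is refused,
#   mirroring the exclude-parameter style of mitigation.

_BOUNDARY_OK = re.compile(r"^[0-9A-Za-z'()+_,\-./:=? ]{1,70}$")
# "class" as a whole segment: start or ./[/quote before, end or ./[/]/quote after
_CLASS_SEGMENT = re.compile(r"""(^|[.\['"])class($|[.\[\]'"])""", re.IGNORECASE)


def multipart_boundary(content_type: str) -> Optional[str]:
    """Return the boundary parameter of a Content-Type value, or None if absent."""
    _, _, params = content_type.partition(";")
    for param in params.split(";"):
        name, _, value = param.strip().partition("=")
        if name.strip().lower() == "boundary":
            return value.strip().strip('"')
    return None


def content_type_is_safe(content_type: str) -> bool:
    """Non-multipart requests pass; multipart ones need an RFC 2046 boundary."""
    if not content_type.strip().lower().startswith("multipart/"):
        return True
    boundary = multipart_boundary(content_type)
    if boundary is None or not _BOUNDARY_OK.match(boundary):
        return False
    return not boundary.endswith(" ")  # RFC 2046: a boundary may not end in space


def parameter_name_is_safe(name: str) -> bool:
    """Reject names such as class.classLoader.x or form['class'].y."""
    return _CLASS_SEGMENT.search(name) is None


def request_is_safe(content_type: str, param_names: List[str]) -> bool:
    """Combined verdict a filter would use before forwarding the request."""
    return content_type_is_safe(content_type) and all(
        parameter_name_is_safe(n) for n in param_names
    )
```

The parameter-name check is deliberately broader than the single "class" parameter the description mentions, since nested and bracketed property paths reach the same setter.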

    CVE ID: CVE-2013-5879

    DESCRIPTION:
    An unspecified vulnerability in Oracle Outside In Technology related
    to the Outside In Maintenance component could allow a local attacker
    to cause a denial of service or possibly be used by a remote attacker
    to execute code on server installations.

    CVSS:
    CVSS Base Score: 1.5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/90282 for
    the current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV:L/AC:M/Au:S/C:N/I:N/A:P)

Affected Products and Versions

IBM Content Analytics with Enterprise Search V3.0 and V2.2
IBM OmniFind Enterprise Edition V9.1

Remediation/Fixes

IBM recommends installing recommended fixes as outlined below.

Product:          IBM Content Analytics with Enterprise Search
VRMF:             V3.0
APAR:             None.
How to acquire    If not already installed, install V3.0 Fix Pack 4 (see the Fix
the fix:          Pack download document). Download and apply Interim Fix IF002.
                  See the 3.0.0.4-WT-ICAwES-ReadMe-IF002.txt file for instructions.

Product:          IBM Content Analytics
VRMF:             V2.2
APAR:             None.
How to acquire    If not already installed, install V2.2 Fix Pack 3 (see the Fix
the fix:          Pack download document). Download and apply Interim Fix IF002.
                  See the 2.2.0.3-WT-ICA-ReadMe-IF002.txt file for instructions.

Product:          OmniFind Enterprise Edition
VRMF:             V9.1
APAR:             None.
How to acquire    If not already installed, install V9.1 Fix Pack 5 (see the Fix
the fix:          Pack download document). Download and apply Interim Fix IF003.
                  See the 9.1.0.5-WT-OEE-ReadMe-IF003.txt file for instructions.

References
Complete CVSS Guide
On-line Calculator V2

Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

July 16, 2014: Original version published
July 18, 2014: Removed CVE-2014-0411

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency
and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT
WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING
THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.


Cross reference information

Segment        Product                      Platform                               Version
Watson Group   OmniFind Enterprise Edition  AIX, Linux, Solaris, Windows,          9.1
                                            Linux on System z

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================